The Mozilla Foundation is developing an open source security framework called Minion and plans to release a beta version in the first quarter of 2013. Minion will allow developers to subject their web applications to a security check.
The framework will target applications with well-established pen testing tools such as OWASP's Zed Attack Proxy (ZAP), Skipfish and NMAP. Further testing tools are planned to be incorporated into the framework as plugins.

The link for this article located at H Security is no longer available.